package com.dhnsoft.boot3.security.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;

/**
 * @author dhn
 * @version 1.0
 * @date 2023-09-16 10:38
 * @Desc
 */
@Configuration
public class AppSecurityConfiguration {


    @Bean
    SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        //请求授权
        http.authorizeHttpRequests(registry->{
            registry.requestMatchers("/").permitAll()//1.首页所有人都允许
                    .anyRequest().authenticated();//2.剩下的任意请求都需要认证（登录）
        });
        //表单登录
        //3.表单登录功能：开启默认的表单登录功能，SpringSecurity会提供默认的登录表单
        http.formLogin(formLogin -> {
            formLogin.loginPage("/login").permitAll();
        });

        return http.build();
    }
}
